漏洞标题
Apache ZooKeeper:在SSL Quorum Peer Authentication中绕过权限
漏洞描述信息
Apache ZooKeeper:SASL Quorum Peer Authentication中的授权绕过
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
漏洞类别
通过用户控制密钥绕过授权机制
漏洞标题
Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication
漏洞描述信息
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper (quorum.auth.enableSasl=true), the authorization is done by verifying that the instance part in SASL authentication ID is listed in zoo.cfg server list. The instance part in SASL auth ID is optional and if it's missing, like 'eve@EXAMPLE.COM', the authorization check will be skipped. As a result an arbitrary endpoint could join the cluster and begin propagating counterfeit changes to the leader, essentially giving it complete read-write access to the data tree. Quorum Peer authentication is not enabled by default.
Users are recommended to upgrade to version 3.9.1, 3.8.3, 3.7.2, which fixes the issue.
Alternately ensure the ensemble election/quorum communication is protected by a firewall as this will mitigate the issue.
See the documentation for more details on correct cluster administration.
CVSS信息
N/A
漏洞类别
通过用户控制密钥绕过授权机制
漏洞标题
Apache ZooKeeper 安全漏洞
漏洞描述信息
Apache Zookeeper是美国阿帕奇(Apache)基金会的一个软件项目,它能够为大型分布式计算提供开源的分布式配置服务、同步服务和命名注册等功能。 Apache ZooKeeper 3.9.1之前、3.8.3之前、3.7.2之前版本存在安全漏洞,该漏洞源于如果在 ZooKeeper 中启用了 SASL Quorum Peer 身份验证 (quorum.auth.enableSasl=true),则通过验证 SASL 身份验证 ID 中的实例部分会在 Zoo 中列出来,SASL 身份验证 ID 中
CVSS信息
N/A
漏洞类别
其他